pulsar
[improve][authentication] Pass the authorization when user lookup transactionCoordinator topic
Motivation
As seen in the AuthenticatedTransactionProducerConsumerTest, if we enable authorization and want to produce/consume to a normal topic by transaction, we not only need to grant permission on the normal topic, but also need to grant permission on the system namespace.
It looks unreasonable and very dangerous.
Normal users just want to produce/consume to a normal topic by transaction, but the super user needs to grant them permission on the whole system namespace. I think the reasonable way is to make normal users unable to produce/consume to the system namespace directly and, instead, make them able to look up the transactionCoordinator topic.
Modifications
When doing canLookupAsync(), if the topic is the tc topic, pass the authorization.
Verifying this change
- [ ] Make sure that the change passes the CI checks.
Documentation
- [ ] doc
- [ ] doc-required
- [x] doc-not-needed
- [ ] doc-complete
Matching PR in forked repository
PR in forked repository: https://github.com/TakaHiR07/pulsar/pull/20
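
The following is an added example, not code from this PR or from Pulsar: a small model of the check described under Modifications, showing the exemption limited to the lookup operation and to the tc topic itself, so the rest of the system namespace and any produce/consume still require a grant. All class, method and topic names are hypothetical, the tc topic name is a placeholder, and the `-partition-N` suffix form is an assumption.

```java
import java.util.Map;
import java.util.Set;

// Added illustration: every name below is hypothetical, not Pulsar's API.
public class TcLookupAuthDemo {
    enum Op { LOOKUP, PRODUCE, CONSUME }

    // Placeholder topic name standing in for the transactionCoordinator topic.
    static final String TC_TOPIC = "persistent://example-tenant/system/tc-topic";
    // Constructed grants: role -> namespaces that role has been granted.
    static final Map<String, Set<String>> GRANTS =
            Map.of("alice", Set.of("public/default"));

    // Exact match, or the tc topic plus a numeric partition suffix (assumed form).
    static boolean isTcTopic(String topic) {
        if (topic.equals(TC_TOPIC)) return true;
        String prefix = TC_TOPIC + "-partition-";
        if (!topic.startsWith(prefix)) return false;
        String idx = topic.substring(prefix.length());
        return !idx.isEmpty() && idx.chars().allMatch(c -> c >= '0' && c <= '9');
    }

    // persistent://tenant/namespace/name -> tenant/namespace
    static String namespaceOf(String topic) {
        String[] parts = topic.substring(topic.indexOf("://") + 3).split("/");
        return parts[0] + "/" + parts[1];
    }

    static boolean isAuthorized(String role, Op op, String topic) {
        // Exemption: LOOKUP only, tc topic only. PRODUCE and CONSUME fall through.
        if (op == Op.LOOKUP && isTcTopic(topic)) return true;
        return GRANTS.getOrDefault(role, Set.of()).contains(namespaceOf(topic));
    }

    static void show(Op op, String topic) {
        System.out.println(op + " " + topic + " -> " + isAuthorized("alice", op, topic));
    }

    public static void main(String[] args) {
        show(Op.LOOKUP, TC_TOPIC);                     // exempted lookup
        show(Op.LOOKUP, TC_TOPIC + "-partition-0");    // exempted partition lookup
        show(Op.PRODUCE, TC_TOPIC);                    // still needs a grant
        show(Op.LOOKUP, TC_TOPIC + "-partition-0-x");  // look-alike name, not exempt
        show(Op.LOOKUP, "persistent://example-tenant/system/other"); // rest of namespace
        show(Op.PRODUCE, "persistent://public/default/orders");      // granted namespace
    }
}
```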